da091f6395e82e09c6dcab3d47fbf22f978c1a3642eff0cee0d5a2cee818d17f | Triage

Sharing

General

Target

BsZpv
Size

3.4MB
Sample

240915-verekstgqm
MD5

f863d657b371f08e0bac6e8c3346409a
SHA1

f1b157dde5f31976995f3cf7cc34ef24fec8641f
SHA256

da091f6395e82e09c6dcab3d47fbf22f978c1a3642eff0cee0d5a2cee818d17f
SHA512

3ca196f3fe647732ed56355b20b6424ac64b01f76ee354d5d58f31c9710c4d9f7090756f5d699631496f66805d092d700560df2f942aa5e71bb26d964fec21ff
SSDEEP

98304:fzaNwvk2MzWD4ktEf29U7mvazPoYUhh7O2rnKu19SQ9:ra6vk2MzhGU7mvQwhcuKsN9

Score

5^/10

discovery execution link linux pdf

Malware Config

Targets

- Target
  
  epigrass-2.0a4/CustomModel.py
- Size
  
  15KB
- MD5
  
  83c500edd7c1bbb505c79a793b76643f
- SHA1
  
  b76b2d178c8f29066445081ff9cad110512f86f3
- SHA256
  
  a7784a969901a1d6675ce40bf48b8586ae69cc6328dd1ea8b22ba85272ab5a14
- SHA512
  
  29fc32977a441dd6cefba30c3b92a25fac071bdb2e37613ba6108b4c9900ecf228652200631ec8fd83cde8f798c0b49463f4fc001145d83c9d2b531a7c01b767
- SSDEEP
  
  192:0hG4WooYbY2ARovLvmlRC7SIVO5idUQyTVT5CnDOfCeQiKFrmaOPubUSsV3eC1f6:kGab+KDVrdUiaCZ8aUhS
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  epigrass-2.0a4/CustomModel_example.py
- Size
  
  1KB
- MD5
  
  b3b9870245a460a4f16cb38569717432
- SHA1
  
  9dc0946230fa25bb8b1cf7d1f226b01f1c876a95
- SHA256
  
  a42e5b852b851f3e89a5fadb14a9039783c1d5d8370534c831d3ad8152fd49b9
- SHA512
  
  80fa4c0e164bb72d47108c5d781792deeccb86bd85e91ded51ec4e1899e8c83bb133c4137648a112f880be676ea8331357ddc5138942aa241ce7ee7b164605cb
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  epigrass-2.0a4/Epigrass/HelpEpg.html
- Size
  
  11KB
- MD5
  
  355cfdbe65010cf0e3f2ccb12fbe76ba
- SHA1
  
  1a0bd0a70771c7f5d52886b8ea1991e92419415f
- SHA256
  
  6e311725003393330c0593157d64b74a6a7ca4216d4a781202d80bed4eeeb935
- SHA512
  
  233d4516a70c79dfd8bb95955dfbc885f7474215bf5407026480a8353598b9ccaa0f4485601f75e7837edc226ae186f98bace2b36d19a2d36ffd1b6fdcc52bd6
- SSDEEP
  
  192:TL1s4Zfb/6DxJ1gnVy+LrQLiNJyQA2+ibw1WPn8vV6ZH8PD5y9Rn1dcDRvd9Vk7a:H1s6j/oxjgnV5Ki3A2+EFYV6ZMd6eDkO
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  epigrass-2.0a4/Epigrass/Ui_about4.py
- Size
  
  27KB
- MD5
  
  c923ac966eb2d2f107e80539b956c8b6
- SHA1
  
  e9eb4e0035eddf4bb8f523c7e3378a7e78f0969a
- SHA256
  
  4b7852f26c1bd6564dc16fe9172fcc160a4b674d78d7e67622be0df0128826d0
- SHA512
  
  404adab2476c876521bfa6cdd85e071935f8b257894484bb9477c7db44278cf4c73ff390ccbb90718ae054cbb9ae8597b87cd8574e06a88bde1fd1d33d23cd85
- SSDEEP
  
  768:6aVR20Rgw1vxJqZ/FO4KIjzsVvFEHG7YrUWptYqd:DrQ9vd
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  epigrass-2.0a4/Epigrass/Ui_cpanel4new.py
- Size
  
  32KB
- MD5
  
  12ef474eb0db6712fa3ab10cdcc00090
- SHA1
  
  9d915c493a88b226615c664ac32bef7703f71671
- SHA256
  
  d468c0b5775b208ede82da5eb98ffac6b8d096fe6c9af0de3b1351597444aa60
- SHA512
  
  c4edf837dff7aec8b580e60e880fe5741d4c177537fc8a31d2751ee9f6df84c7b3270d9b46ea2e280bbf4eb7ac0bb2492f768c65b1cf2c19623a3e129ca9e17c
- SSDEEP
  
  384:q8+UGR6SU/242CT79Prs39vMG3PqRrf3QHrgRpfQqJfQvbLIhVD3Cex3Zgk:q16RQqxDKk
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  epigrass-2.0a4/Epigrass/Ui_display.py
- Size
  
  5KB
- MD5
  
  4934f6bfc1f5fef100352c3b5c05d471
- SHA1
  
  b646d146eebe78341a777935d13c0c4c1f4e96ad
- SHA256
  
  cd08ed78ca81f8555959f84d1c3e40d3df72dc203ba7a463e98d9416f5081de5
- SHA512
  
  a46279997365b58eec1fffbb40951cf08a1b75f7e2a150ed7a1d83700f67d1d28439220125718040598e9a112e041bba2c2fce775701fa8b9852b771e096e61f
- SSDEEP
  
  96:JmA3Qn4PWB2KkVy8IKSr3ALLurTfRYyJm6zGzVoQrnbuoRarMwh:cJ5Kw/zAHuxXFzgus6oRarJh
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  epigrass-2.0a4/Epigrass/Ui_epgeditor.py
- Size
  
  10KB
- MD5
  
  c4197e11a3b0a2f40380be55ce1a8459
- SHA1
  
  46dfbc6efce93e2d7d92e0863a45088062d0577f
- SHA256
  
  23bc55d3063aa685d8cb18c836f2fe31a9cb74cbeeb9be552598520e7b8f8823
- SHA512
  
  f35bf47b64f8af0610765f2d88a8ab9c612f4854a584c734a54f73833bb2b5c39d2a15cf527de548cfa38e2f162d8f94baf82716e6dff88b71d401193373710f
- SSDEEP
  
  192:07c+3GR6/vANj4zLi+qgZfgWouDxktDFkWSFkijhuoPhTQJPgp4rk:ic+3GR63G+qgZfgWouDyZkWakijhTQJs
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  epigrass-2.0a4/Epigrass/__init__.py
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  epigrass-2.0a4/Epigrass/__version__.py
- Size
  
  18B
- MD5
  
  0127eedf06af365b03d618960b9e516c
- SHA1
  
  247add0d66ceef9e2573ccf545ccd303ef559560
- SHA256
  
  a6cc52c7fec0ad3abb6110235cf50e92b3d5c0bd4cb1abf18eac6e9868402877
- SHA512
  
  8044cf0b41c58d37c14155cec3933d6947a5817c7d143beffddbb9ba257e6ba43442c7cead5b133ff67cb531415c63527b1cafd99b4cca36e3263698950e272b
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  epigrass-2.0a4/Epigrass/cpanel.py
- Size
  
  20KB
- MD5
  
  e5e54ce8fe3a728a6e6be0434b17b2ce
- SHA1
  
  09db6829570e8769696328986965eaaa9898efad
- SHA256
  
  86155455b6f5118941bd7c855a1802ed40a883ee0ece3794f8d66c6f0923888d
- SHA512
  
  50ea28ee4ebc7eddb647d2987e056a167f2292eaf6749c72479dfd248389476f070a0eeabeb5c08e0ac001394d3a098b2367a5ba50ec3b6a08890e173444347d
- SSDEEP
  
  384:/nanHx0XMGrJ0p9c+yQ9tEPVwZrv/yaJ/:/1keaB
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  epigrass-2.0a4/Epigrass/dataObject.py
- Size
  
  1KB
- MD5
  
  482a52d7ce3b11ed52f5e46a36c4abae
- SHA1
  
  76030d0fe65a7122be135935aaac0504bd1563d7
- SHA256
  
  1c8f328596277fcd97c4bdef63679465411ffaa47d29a132987d935fb42a174e
- SHA512
  
  16374fec2890e38b8ed52d413d8cb34bc8f82e695eb618c6d6d9fd99b447cdde3de8b6a7f916144b95a92e02a104b6bba8a03df6c2fca1da582d8de9a224d059
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  epigrass-2.0a4/Epigrass/data_io.py
- Size
  
  6KB
- MD5
  
  a7181a86ec984c808c1bda9c9ad3a365
- SHA1
  
  27537598f96d1563451389f36d5e574d8a5c16b2
- SHA256
  
  f9788549647b1d169bd78848ffae0b1c83fdc7b7f30a10015b86580d89c054b3
- SHA512
  
  bdca099daae8e60bbb3aa66222af290d86de26a8711257fcb5bc9a68feed1174f12986a71f85929bcb8404956f14f5cbb98ecb4308bc89037706931c41425e1f
- SSDEEP
  
  192:kqY1+GF48uQ87stAgHHgIgzaoX4R6RtwHb6kDTYVKzMvvG1:G19qEApBRtw7hDiKzp1
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  epigrass-2.0a4/Epigrass/dgraph.py
- Size
  
  35KB
- MD5
  
  e0cfd13e6a2dfb20e0af95362e78898d
- SHA1
  
  9b8383220ced9b0f399d69cb51eb70d2ed1b0524
- SHA256
  
  7b201ac51cd884c13829a83ddc86e81cebcd3051ec86913fe48b8a465b5e1cf4
- SHA512
  
  9796ad037ea5f7e2b0c4fb6c85d0bc91aa1830e096ac5217c27ee164f219e3bf23330b849bf913431d85255a8be482d30a7286bedb5303f5372a7453e69e961b
- SSDEEP
  
  384:EW93EjKPRSPzKtdAkwyi88N85nQMcBZ5/n/lVDVEa0:132KPEPzKtTVixN85Q3Z5/n/lVL0
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  epigrass-2.0a4/Epigrass/elasticnodes.py
- Size
  
  13KB
- MD5
  
  5d8a1b864d7720eb848ae8e2ac9a0543
- SHA1
  
  e3329157f220a17f2f67d8a836db72292c508a98
- SHA256
  
  373e3f95d29e73a7fccce5ec7c63e47784e9bb93f97478b8f9c54885403ae36b
- SHA512
  
  9b6b48f2df312403087d7393957a126deaabd822194cab9825683bb71dec7cb6ef0f7cee131b54b5e2f896bc55b58b5731d082457edee2bc23f0786981be8349
- SSDEEP
  
  96:f9zkzU+VPtUIQxDLhaTtbl/7ppjZ2g4znOZ0ZQPK/4dJdDz5KHetz3N+IKi/gXP0:fRoCDVMXeoi6/M+NKIDK0N97rtcloJ
Score

3^/10

execution
behavioral27 behavioral28 behavioral29 behavioral30
- Target
  
  epigrass-2.0a4/Epigrass/epgeditor.py
- Size
  
  7KB
- MD5
  
  5584b2d516d9ee1367f784e2c315d327
- SHA1
  
  4bd6e35d64994d3adb09467c690860fc00f8f081
- SHA256
  
  329ed08c9079da2763a90db4622142e8e61b9a5d7be405be54340c6ce6d23b5d
- SHA512
  
  54b1481b394c55b3f98b0cbb26342f53f0f00af369eec53cc3395707aabc719614306179e49654748ca0d31eca2d27a3a17dad536747237ddb3228b3941e1df9
- SSDEEP
  
  96:OTgV/klswiZn18wnXup11kJ3s9mAb3YIIpMtRdVYTNIPBYqlKrWqepvWAO/Ov24H:09m5EDbvIpUR2NIPj6IcL+jCRWAi
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Python

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32